Zscaler Inc.’s Zenith Live ’24 event in Las Vegas last week featured a wide range of news, from zero-trust security to a new breach detector.
Most of the news was unveiled during the keynotes, which featured several executives, including Chief Executive Jay Chaudhry, Deepen Desai, chief security officer and head of security and research, Senior Vice President of Product Management Dhawal Sharma, and Punit Minocha, executive vice president of business and corporate development. Here are the highlights:
Zscaler’s mission: Simplify security while protecting against advanced threats
As has been the case with every Zenith Live, Chaudhry kicked off the keynotes. He opened his session by talking about the core principles that Zscaler was founded on and why customers have embraced zero trust. Since Zscaler was founded, Chaudhry has been very vocal about the need for security to transform and move from an outdated firewall and virtual private network-based architecture to a zero-trust architecture built on a proxy model. “There are three reasons customers are embracing zero trust – eliminating cost and complexity, protecting against phishing attacks, and minimizing the impact of lateral movements,” he said.
Chaudhry’s comments align with my research, showing that cost savings and improving cybersecurity are priorities 1 and 1a on almost every information technology and business leader’s list. Zscaler’s zero-trust network access, or ZTNA, is delivered from the cloud and is significantly cheaper than purchasing physical firewalls and VPN concentrators.
The improved protection requires understanding zero trust and a leap of faith. Internet Protocol networks are built on the concept that everything can talk to everything, so the internet can work as fast as it does. The downside is that if a firewall is breached, the threat actor has unfettered access to everything behind it. The only way to stop this is to deploy more firewalls, which adds cost and complexity.
With zero trust, the principle is that a device has no access to any other unless explicitly allowed, so if breached, the “blast radius” is reduced. The willingness to remove firewalls is based on the leap of faith that zero trust works as advertised. I’ve talked to enough customers to know this to be accurate, but removing a firewall can be scary. At the event, I asked one of the customers if taking out the firewalls initially scared him, and his response was, “It scared the crap out of me, but we knew it was the right thing to do, and now we don’t think about it.”
With phishing on the rise and networks growing in complexity, going firewall-heavy will only add to the complexity and make it harder to find a breach when one occurs.
Data to be Zscaler’s long-term differentiator
Desai started his keynote portion by sharing a startling statistic about Zscaler. “We are the world’s largest security cloud,” he said. “Daily, we’re scanning 400 billion transactions. The goal is to ensure nothing bad comes and nothing good leaks out.”
On the data fabric side, the company made a significant acquisition of Avalor Technologies Inc. in March — paying $350 million for the data fabric security firm.
“The goal over there is to bring in all the rich telemetry and intelligence that we see in our inline platform and then contextualize it using third-party signals from all the security tools commonly found in the enterprise security stack,” he said. “And the goal is to improve our detection efficacy, policy enforcement then further, and also build several innovative use cases on top of this platform.”
As security becomes more artificial intelligence-driven, data becomes a key to the effectiveness of the AI engine. As the company continues to grow its base, it adds to the data platform, which only helps it accelerate its AI initiatives.
Predicting breaches
Desai then discussed the newly announced Breach Predictor, which combines visibility from Zscaler’s End Point, Internet Access, Posture Cloud, Private Access, and Threat Intelligence into an AI breach prediction and policy recommendation engine that includes past policies, the security data fabric and best practices from peers.
“This is the east-west traffic, and we’re contextualizing it with our global threat intelligence, bringing in the context of the policies on how the customers are configured,” he said. “And leveraging a combination of generative AI and predictive models to detect potential breach-like scenarios. That’s what we’re calling Breach Predictor.”
But, Desai said, the company doesn’t want to stop there. Whenever Zscaler sees potential breach-like scenarios, the company wants to notify the organization as quickly as possible and recommend policy actions to mitigate the issues — including blocking access to certain internet-bound destinations, containing an endpoint or cutting off access from an endpoint. Those steps are all part of the mitigation workflow.
Desai shared a demo of Breach Predictor, which was impressive, including a well-thought-out dashboard that visually displays breach probability from initial compromise to lateral propagation and then to the information any SecOps admin needs to see.
Zscaler zero trust
Sharma then joined in with Zscaler’s cloud efforts, including SWG, zero-trust network access, digital experience, zero trust for workloads, zero-trust software-defined wide-area network, unified data protection, and AI SecOps. The company’s goal, he said, is to help eliminate legacy solutions and consolidate on the Zscaler Zero Trust Exchange.
This platform includes all the Zscaler solution areas. “The underlying platform is running on 150 POPs across the globe with our global infrastructure with our inline zero trust exchange, and our Zscaler data fabric, which comes with the acquisition of Avalor a few months ago,” he said.
Sharma also discussed the new Zscaler experience, which the company describes as a “brand-new, unified and more intuitive console for leaders and practitioners.” The experience includes analytics, admin tasks, policies, networking, integrations and logs, which Sharma walked through.
A new app
In addition, he looked at the new CXO app. “This is very focused on CXO personas, like CISOs, CTOs and CIOs, where they can see their overall traffic trend across the organization,” he said. “They can see their employees’ digital experience, for example, and see how the traffic has been trending, helping them think about capacity planning. It could be very persona-based heads of networks or security for CISOs.”
The app looks slick. I wonder how many CXOs would want to get bogged down in the minutiae it offers, though. Some will, but others might want a two-line summary. Give Zscaler props for the effort, though.
Copilot on the dashboard
Sharma then detailed other aspects of the dashboard, including Copilot as well as ZDX and ServiceNow integrations. The Copilot integration looks interesting, with the ability to chat to find out issues in natural language. One example he used was just asking: “Are there any Wi-Fi issues across the company?” The results visually display issues, with an easy-to-follow visual of affected users.
Getting serious with Google
Minocha came on to discuss partnerships, highlighting the expanded work Zscaler is doing with Google to deliver secure app access, data protection and security insights. He also noted that the company has longstanding relationships with Amazon Web Services Inc. and Microsoft Corp. But Google LLC has become a favorite of the Zscaler customer base.
“As we continue to sell into the enterprise market — you know, 1,000-plus customers — we are starting to run into more situations where there’s a whole lot of Google shops as well,” he said. “And so this is a natural extension of our overall partner ecosystem.”
Integration with Google Chrome Enterprise will provide zero trust to private apps, eliminating the need for legacy VPNs and additional browser software. Plus, there’ll be advanced security for managed and unmanaged devices. A similar integration with Google Workspace will prevent exfiltration of sensitive data — handling data loss prevention, tenant restrictions and Google Drive labels.
The company will also integrate with Google Security Operations, providing cloud security insights with Zscaler Telemetry.
Some final thoughts
Zscaler started as a niche security company but has become a full security platform vendor. The company has made significant progress, and its acquisition of Avalor is already paying off.
The most intriguing development might be its deepening of ties with Google. Always looked at as coming in third in a two-company hyperscaler race, Google shouldn’t be an afterthought. Its presence in the enterprise world is formidable. So Zscaler is right to hedge its bets on Microsoft and AWS by hitching up with Google.